From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [IPv6:2a01:7e0:0:424::9]) by lore.proxmox.com (Postfix) with ESMTPS id 346DA1FF15C for ; Wed, 13 Nov 2024 14:59:44 +0100 (CET) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id 906BE169E0; Wed, 13 Nov 2024 14:59:24 +0100 (CET) From: Christoph Heiss To: pve-devel@lists.proxmox.com Date: Wed, 13 Nov 2024 14:59:07 +0100 Message-ID: <20241113135908.1622968-6-c.heiss@proxmox.com> X-Mailer: git-send-email 2.47.0 In-Reply-To: <20241113135908.1622968-1-c.heiss@proxmox.com> References: <20241113135908.1622968-1-c.heiss@proxmox.com> MIME-Version: 1.0 X-SPAM-LEVEL: Spam detection results: 0 AWL 0.030 Adjusted score from AWL reputation of From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% DMARC_MISSING 0.1 Missing DMARC policy KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record Subject: [pve-devel] [RFC PATCH installer 5/5] fix #5579: install: copy over `proxmox-first-boot` script if present X-BeenThere: pve-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox VE development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: Proxmox VE development discussion Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: pve-devel-bounces@lists.proxmox.com Sender: "pve-devel" The auto-installer will place an executable file named `proxmox-first-boot` in the installer runtime-directory if the user set up. Based on the presence of this file, we copy it over to the target system and set a flag file, indicating to the 'proxmox-first-boot' service that it is indeed the very first boot of the new system and should run. Signed-off-by: Christoph Heiss --- Proxmox/Install.pm | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/Proxmox/Install.pm b/Proxmox/Install.pm index 5c64c3d..f46d86a 100644 --- a/Proxmox/Install.pm +++ b/Proxmox/Install.pm @@ -681,6 +681,7 @@ sub extract_data { my $proxmox_libdir = $iso_env->{locations}->{lib}; my $proxmox_cddir = $iso_env->{locations}->{iso}; + my $proxmox_rundir = $iso_env->{locations}->{run}; my $proxmox_pkgdir = "${proxmox_cddir}/proxmox/packages/"; my $targetdir = is_test_mode() ? "target" : "/target"; @@ -1241,6 +1242,25 @@ _EOD debconfig_set($targetdir, "pve-manager pve-manager/country string $ucc\n"); } + my $firstboot_exec_name = 'proxmox-first-boot'; + if (-f "$proxmox_rundir/$firstboot_exec_name") { + my $firstboot_pending_flagfile = "pending-first-boot-setup"; + my $targetpath = "$targetdir/var/lib/proxmox-first-boot"; + + syscmd("mkdir -p $targetpath/") == 0 + || die "failed to create $targetpath directory\n"; + + syscmd("cp $proxmox_rundir/$firstboot_exec_name $targetpath/") == 0 + || die "unable to copy $firstboot_exec_name executable\n"; + syscmd("touch $targetpath/$firstboot_pending_flagfile") == 0 + || die "unable to create $firstboot_pending_flagfile flag file\n"; + + # Explicitly mark the entire directory only accessible, to prevent + # possible secret leaks from the bootstrap script. + syscmd("chmod -R 0700 $targetpath") == 0 + || warn "failed to set permissions for $targetpath\n"; + } + update_progress(0.8, 0.95, 1, "make system bootable"); my $target_cmdline=''; if ($target_cmdline = Proxmox::Install::Config::get_target_cmdline()) { -- 2.47.0 _______________________________________________ pve-devel mailing list pve-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel